CN100367700C - Large scale digital live broadcast method based on digital right management - Google Patents
Large scale digital live broadcast method based on digital right management Download PDFInfo
- Publication number
- CN100367700C CN100367700C CNB2004100625752A CN200410062575A CN100367700C CN 100367700 C CN100367700 C CN 100367700C CN B2004100625752 A CNB2004100625752 A CN B2004100625752A CN 200410062575 A CN200410062575 A CN 200410062575A CN 100367700 C CN100367700 C CN 100367700C
- Authority
- CN
- China
- Prior art keywords
- module
- digital content
- user
- client
- bytes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention relates to a large scale digital direct broadcast method based on digital authority management, which belongs to the technical field of information transmission. Firstly, digital content is received and is enciphered; personal registration information of a user is received, and an identifier is generated; the user acquires a scheduler module address from a publish module; the users sends a scheduling request; the scheduler module sends a scheduling result to a client which initiates a service request to a direct broadcast module or a higher client, and the digital content is sent to the client by the direct broadcast module or the higher client; the client requests a license from a license issue module, and reproduces the digital content according to the license. The method of the present invention provides a direct broadcast service for users, the users can not directly obtain original digital content from enciphered digital content because the digital content of the direct broadcast is enciphered or a watermark is added, a content proprietor can control and manage the use of the content of the users through issuing licenses, and legal rights of the digital content proprietor are maintained.
Description
Technical field
The present invention relates to a kind of large scale digital live broadcast method based on digital rights management (hereinafter to be referred as DRM), relate in particular to a kind of design of communication protocol that is used for the digital rights management of digital content between the live DRM system various piece, belong to the information dissemination technology field.
Background technology
The appearance of digital technology makes a large amount of contents occur with digitized forms and issue, and makes that the copy of the digital content speed that becomes is fast, and cost is low, and distortion is little.Be accompanied by Internet development, digital content data is propagated and is become very easy, and a lot of digital content datas are propagated by bootlegging, can not get control and management, thus infringement content owner's interests.Extensive live quick circulation way as a kind of digital content is just obtaining application more and more widely.The control and the management of the digital content under extensive live become a very important problem.Extensive live the interactive relation that participates between the live each side is very complicated because large-scale, and existing certain methods is not suitable for live on a large scale.The traditional encryption or the method for scrambling, can only control transmission course with managing digital content, in case digital content arrives in user's hand, control and management have just been lost to digital content, and the method for traditional encryption or scrambling have only the user to use to the control of content and management and cannot use two kinds may, poor selectivity.
Summary of the invention
The objective of the invention is to propose a kind of large scale digital live broadcast method based on digital rights management, by encrypting live digital content or the mode of adding watermark in live digital content, make that the user can't be from directly obtaining original digital content through the digital content after the encryption, by signing and issuing the mode of licence, make the content owner can the control and management different user to the use of the different modes of this content, prevent the illegal use of user to this content.
The large scale digital live broadcast method based on digital rights management that the present invention proposes may further comprise the steps:
(1) digital content processing module receiving digital contents, digital content is carried out encryption, to obtain three road signals, wherein the first via is the digital content after encrypting, be sent to live module, the second the tunnel be digital content brief introduction, digital content unique identifier and with the corresponding scheduler module of this unique identifier address, be sent to release module, Third Road be digital content unique identifier and with this encryption after the corresponding live module's address of digital content, be sent to scheduler module;
(2) authentication module receives user's individual log-on message, generates this user's unique identifier, and this user identifier is combined with public information in the individual log-on message, generates this user's identification identifier;
(3) user by client from the brief introduction of above-mentioned release module key numbers, and according to digital content brief introduction obtain required digital content unique identifier and with the corresponding scheduler module of this unique identifier address;
(4) user sends dispatch request according to the scheduler module address of above-mentioned steps (3) to this scheduler module, and sends the unique identifier of digital content and user's oneself identification identifier to it;
(5) after scheduler module is received dispatch request, user's identification identifier is sent to authentication module, authentication module is verified it, and will be verified that the result is recycled to scheduler module;
(6) scheduler module is checked and verified the result, if the result is not for passing through in checking, scheduler module refusing user's request then, if the result is for passing through in checking, then scheduler module is dispatched according to the unique identifier of the digital content that receives, and will be sent to client with the live module or the parent customer end address at digital content place after the corresponding encryption of the unique identifier of this digital content, preserve scheduling result simultaneously, parent customer end wherein is meant and carries out lively, can be the client that the client that is about to enter provides service simultaneously;
(7) client is initiated service request according to above-mentioned live module or parent customer end address to live module or parent customer end, unique identifier with User Identity symbol and digital content is sent to this live module or parent customer end simultaneously, to obtain digital content;
(8) live module or parent customer end are sent to scheduler module with the user's that receives the identification identifier and the unique identifier of digital content, the scheduling result comparison that scheduler module is preserved itself and above-mentioned steps (6), and the result of comparison is back to live module or parent customer end;
(9) comparison result received of live module or the inspection of parent customer end, if comparison result is not for passing through, the request of then live module or parent customer end refusal client, if comparison result is for passing through, then the unique identifier of the digital content that receives of basis provides digital content after the encryption to client;
(10) after client receives digital content after the encryption, search corresponding licence with this digital content, if no suitable licence, then the user initiates to sign and issue license request by client to the licensing module, selects to buy corresponding licence according to different situations;
(11) the licensing module is sent to authentication module with the User Identity symbol of receiving, authentication module is verified it, and will be verified that the result is recycled to the licensing module;
(12) the checking result that receives of licensing module check, if the result is not for passing through in checking, the then request of licensing module refusing user's, if the result is for passing through in checking, then identification identifier that sends over according to the user and user's demand are signed and issued licence, and licence original or the copy of signing and issuing is sent to client according to different situations, preserve this licence simultaneously;
(13) reproduce digital content after the encryption of receiving according to user's actual needs under the client right of in licence, permitting.
In the said method, the communication process between client and the authentication module comprises the steps:
(1) client is given an order to authentication module, the request PKI;
(2) authentication module sends response to client, receives the request of request PKI;
(3) authentication module sends PKI to client;
(4) client is sent response to authentication module, receives PKI;
(5) client sends with the temporary key behind the public key encryption to authentication module;
(6) authentication module sends response to client, receives the temporary key after the encryption;
(7) client sends with the individual log-on message after the temporary key encryption to authentication module;
(8) authentication module is received with the individual log-on message after the temporary key encryption to client end response;
(9) authentication module sends identification document to client;
(10) client responds to authentication module, receives identification document.
In the said method, the communication process between client and the scheduler module comprises the steps:
(1) client sends identify label and program number to scheduler module;
(2) scheduler module is received identify label and program number to client end response;
(3) scheduler module sends scheduling result to client;
(4) client responds to scheduler module, receives scheduling result.
In the said method, the communication process between client and live module or the parent customer end comprises the steps:
(1) client sends identify label and program number to live module or parent customer end;
(2) live module or parent customer end are received identify label and program number to client end response;
(3) live module or parent customer end send content to client.
In the said method, mutual communication process between client and the licence module comprises the steps:
(1) client sends identify label to the licence module;
(2) the licence module is received identify label to client end response;
(3) the licence module sends the possible attribute list of licence to client;
(4) client is received the possible attribute list of licence to the licence module responds;
(5) client sends the attribute list want the licence bought to the licence module;
(6) the licence module is to client end response, receives the attribute list of wanting the licence bought;
(7) the licence module sends licence to client;
(8) client is received licence to the licence module responds.
In the said method, mutual communication process between live module or parent customer end and the scheduler module comprises the steps:
(1) live module or parent customer end send User Identity and program number to scheduler module;
(2) scheduler module is received User Identity and program number to live module or the response of parent customer end;
(3) scheduler module sends the checking result to live module or parent customer end;
(4) live module or parent customer end respond to scheduler module, receive the checking result.
In the said method, mutual communication process between scheduler module and the authentication module comprises the steps:
(1) scheduler module sends User Identity to authentication module;
(2) authentication module responds to scheduler module, receives User Identity;
(3) authentication module sends authentication result to scheduler module;
(4) scheduler module responds to authentication module, receives authentication result.
In the said method, mutual communication process between licence module and the authentication module comprises the steps:
(1) the licence module sends User Identity to authentication module;
(2) authentication module is received User Identity to the licence module responds;
(3) authentication module sends authentication result to the licence module;
(4) the licence module responds to authentication module, receives authentication result.
The large scale digital live broadcast method that the present invention proposes based on digital rights management, be used for providing direct broadcast service to the user, in service process, live digital content is encrypted, make that the user can't be from directly obtaining original digital content through the digital content after the encryption, by signing and issuing the mode of licence, make the content owner can the control and management user to the use of this content, prevent the illegal use of user to this content.And when the user preserves digital content, add user-dependent unique watermark, in order to follow the tracks of digital content.Use key sequence to encrypt digital content, the digital content anti-attack of robust more after feasible the encryption.The use of licence offers the user and more selects, and can select to buy less right with lower cost, also can select to buy more right with more cost.
Description of drawings
Fig. 1 is the FB(flow block) of the inventive method.
Fig. 2 is the detail flowchart of the inventive method.
Embodiment
Among Fig. 1, the 1st, digital content is sent to encryption processing module; The 2nd, encryption processing module is handled the original contents of receiving, the content after generate encrypting is sent to live module then, and the brief information etc. that generates content simultaneously is sent to release module and unique identifier etc. and is sent to scheduler module; The 3rd, the user to authentication module enrollment status, identifies this user identification identifier in system to obtain one by client; The 4th, authentication module returns user's identification identifier to client; The 5th, the user obtains live information by client to release module; The 6th, release module is returned live information to client; The 7th, the user by client to the service of scheduler module request scheduling; The 8th, scheduler module is brought the user by client identification identifier is sent to the authentication module checking; The 9th, authentication module is sent back to scheduler module to the result of checking; The 10th, scheduler module is dispatched, and the result of scheduling is returned to client; The 11st, the user serves to live module or the request of parent customer end by client; The 12nd, live module or parent customer end are investigated this user to scheduler module, see whether be the result of scheduler module scheduling; The 13rd, scheduler module is returned the result of verification to live module or parent customer end; The 14th, live module or parent customer end provide service to client; The 15th, the user by client to the licensing module card that asks for permission; The 16th, the licensing module is to authentication module requests verification user's identity; The 17th, authentication module returns the result of checking to the licensing module; The 18th, the licensing module is signed and issued licence and is given the user; 19 clients are reproduced shielded content according to the licence that the user buys.
The present invention proposes a kind ofly is used for communication process between live each module of DRM system, may further comprise the steps:
Agreement between licence module and the authentication module is to be used for the identity of licence module to authentication module requests verification user.The user is to the licence module card that asks for permission, and the licence module must know that whether legal this user effectively, whether responds this user's request with decision, provides service to him.The licence module sends to its ask for permission identify label of user of card to authentication module.The identity of authentication module authenticated user, and authentication result sent to the licence module.
Agreement between scheduler module and the authentication module is to be used for the identity of scheduler module to authentication module request authentication user.Scheduler module is received the user's that certain client is sent identify label, and it must know whether this user is legal effective.At first, the scheduler module user's that it is received to the authentication module transmission identify label.Then, the identity of authentication module authenticated user, and authentication result sent to scheduler module.
Agreement between live module or parent customer end and the scheduler module is to be used for live module or the parent customer end identity to scheduler module requests verification user.The user is to live module or parent customer end request service, and live module or parent customer end must know that whether this user is legal effective, to determine whether to respond this user's request, provides service to him.At first, live module or parent customer end send to the client of its request service to scheduler module and issue its User Identity and program number.Then, scheduler module checking user's identity and program number are seen whether be the result who oneself dispatches, and the result of checking are sent to live module or parent customer end.
Agreement between client and the licence module is to be used for client to the licence module card that asks for permission.The live content that client is received from live module or parent customer end is shielded.If the user wants this content is carried out various operations, it must have corresponding licence.If there is not corresponding licence, the user will be to the licence module card that asks for permission so.At first, client sends user's identify label to the licence module.Then, licence module verification user's identity, if legal effective, the licence module is just issued client to the possible attribute list of licence so.The user selects to want the attribute list of the licence bought, then it is sent to the licence module.The licence module just according to the attribute list of the licence of receiving, is signed and issued a corresponding licence, and licence is sent to the user.
Agreement between client and live module or the parent customer end is to be used for client to live module or parent customer end request direct broadcast service.At first, client sends user's identify label and he to live module or parent customer end and wants the program watched.Then, live module or parent customer end checking user's identity, if legal and be the scheduler module scheduling really, so live module or parent customer end just provide direct broadcast service to client, and shielded content is sent to client.
Agreement between client and the scheduler module is to be used for client to the service of scheduler module request scheduling.Client gets up to obtain the live module of direct broadcast service or the address list of parent customer end can be provided by dispatch service.At first, client sends user's identify label and he to scheduler module and wants the program watched.Then, scheduler module checking user's identity, if legal, scheduler module is just dispatched so, and the result of scheduling is sent to client.
Agreement between client and the authentication module is to be used for the user from the identity of client to authentication module registration oneself.The user wants to watch live program, and he must arrive first the authentication module registration, submits individual's detailed log-on message to authentication module, to become the validated user of system.At first, client sends a request to authentication module, and the request authentication module sends to client to its PKI.Then authentication module sends to client to the PKI of oneself.Client generates an interim key, use the PKI of receiving to encrypt this interim key then, encrypt individual's detailed log-on message simultaneously with this temporary key, then temporary key after encrypting and the individual's after the encryption log-on message is sent to authentication module.At last, authentication module uses ciphertext that the private key of oneself deciphers the temporary key of the receiving temporary key with the detailed log-on message that obtains being used for encrypting user, use personal information that the temporary key decipher out comes the user behind the enabling decryption of encrypted obtaining user's personal information then, and generate a unique identification number for this user.Then to a part of log-on message of user, some information of authentication module, and user's unique identifying number is issued the user with after forming user's identify label after the private key signature of authentication module.The identity of user in whole live broadcast system just come unique definite by his identify label.
In the communication process between each functional module of the inventive method, command format is: command header+command body, and wherein the form of command header and length are fixed, and the form of command body is different and different with what order with length.
Command header form in the said process is as follows:
Order ID | Integer (four bytes) | Be used for tabbing command |
Order length | Integer (four bytes) | Be used for indicating the length of command body |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
In the said method, the communication process between client and the authentication module comprises the steps:
(1) client is given an order to authentication module, the request PKI, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000001 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(2) authentication module sends response to client, receives the request of request PKI, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000001 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(3) authentication module sends PKI to client, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000002 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | PKI, the byte number that takies is relevant with using public-key length, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(4) client is sent response to authentication module, receives PKI, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000002 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(5) client sends with the temporary key behind the public key encryption to authentication module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000003 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Temporary key behind the public key encryption, the byte number that takies is relevant with the length of length that is used public-key and temporary key, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(6) authentication module sends response to client, receives the temporary key after the encryption, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000003 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(7) client sends with the individual log-on message after the temporary key encryption to authentication module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000004 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | After temporary key is encrypted, the byte number that takies is relevant with using public-key length, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(8) authentication module receives that to client end response command format is as follows with the individual log-on message after the temporary key encryption;
Order ID | Integer (four bytes) | 0x80000004 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(9) authentication module sends identification document to client, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000005 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(10) client responds to authentication module, receives identification document, and command format is as follows.
Order ID | Integer (four bytes) | 0x80000005 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
In the said method, the communication process between client and the scheduler module comprises the steps:
(1) client sends identify label and program number to scheduler module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000006 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length |
Program number | Integer (four bytes) | Program number |
Reserved |
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(2) scheduler module is received identify label and program number to client end response, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000006 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(3) scheduler module sends scheduling result to client, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000007 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Scheduling result, the byte number that takies is relevant with the form of scheduling result, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(4) client responds to scheduler module, receives scheduling result, and command format is as follows.
Order ID | Integer (four bytes) | 0x80000007 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
In the said method, the communication process between client and live module or the parent customer end comprises the steps:
(1) client sends identify label and program number to live module or parent customer end, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000008 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length |
Program number | Integer (four bytes) | Program number |
Reserved |
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(2) live module or parent customer end are received identify label and program number to client end response, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000008 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(3) live module or parent customer end send content to client, and command format is as follows.
Order ID | Integer (four bytes) | 0x00000009 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Digital content, the byte number that takies is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
In the said method, mutual communication process between client and the licence module comprises the steps:
(1) client sends identify label to the licence module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000010 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(2) the licence module is received identify label to client end response, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000010 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(3) the licence module is to the possible attribute list of client transmission licence, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000011 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | The possible attribute list of licence, the byte number that takies is relevant with the attribute column tableau format, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(4) client is received the possible attribute list of licence to the licence module responds, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000011 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(5) client sends the attribute list want the licence bought to the licence module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000012 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Want the possible attribute list of the licence bought, the byte number that takies is relevant with the attribute column tableau format, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(6) the licence module is to client end response, receives the attribute list of wanting the licence bought, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000012 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(7) the licence module sends licence to client, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000013 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Licence, the byte number that takies is relevant with the form of licence, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(8) client is received licence to the licence module responds, and command format is as follows.
Order ID | Integer (four bytes) | 0x80000013 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
In the said method, mutual communication process between live module or parent customer end and the scheduler module comprises the steps:
(1) live module or parent customer end send User Identity and program number to scheduler module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000014 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length |
Program number | Integer (four bytes) | Program number |
Reserved |
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(2) scheduler module is received User Identity and program number to live module or the response of parent customer end, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000014 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(3) scheduler module sends the checking result to live module or parent customer end, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000015 |
Authentication result | Integer (four bytes) | The checking result |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(4) live module or parent customer end respond to scheduler module, receive the checking result, and command format is as follows.
Order ID | Integer (four bytes) | 0x80000015 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
In the said method, mutual communication process between scheduler module and the authentication module comprises the steps:
(1) scheduler module sends User Identity to authentication module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000016 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(2) authentication module responds to scheduler module, receives User Identity, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000016 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(3) authentication module sends authentication result to scheduler module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000017 |
Authentication result | Integer (four bytes) | Authentication result |
Reserved |
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(4) scheduler module responds to authentication module, receives authentication result, and command format is as follows.
Order ID | Integer (four bytes) | 0x80000017 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
In the said method, mutual communication process between licence module and the authentication module comprises the steps:
(1) the licence module sends User Identity to authentication module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000018 |
Content-length | Integer (four bytes) | The length of content field |
Content | Character type (length equals content-length) | Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(2) authentication module is received User Identity to the licence module responds, and command format is as follows;
Order ID | Integer (four bytes) | 0x80000018 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(3) authentication module sends authentication result to the licence module, and command format is as follows;
Order ID | Integer (four bytes) | 0x00000019 |
Authentication result | Integer (four bytes) | Authentication result |
Reserved |
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
(4) the licence module responds to authentication module, receives authentication result, and command format is as follows.
Order ID | Integer (four bytes) | 0x80000019 |
|
Integer (four bytes) | Keep null |
Reserved word 2 | Integer (four bytes) | Keep null |
Claims (1)
1. large scale digital live broadcast method based on digital rights management is characterized in that this method may further comprise the steps:
(1) encryption processing module receiving digital contents, digital content is carried out encryption, to obtain three road signals, wherein the first via is the digital content after encrypting, be sent to live module, the second the tunnel be digital content brief introduction, digital content unique identifier and with the corresponding scheduler module of this unique identifier address, be sent to release module, Third Road be digital content unique identifier and with this encryption after the corresponding live module's address of digital content, be sent to scheduler module;
(2) authentication module receives user's individual log-on message, generates this user's unique identifier, and this user identifier is combined with public information in the individual log-on message, generates this user's identification identifier;
(3) user by client from the brief introduction of above-mentioned release module key numbers, and according to digital content brief introduction obtain required digital content unique identifier and with the corresponding scheduler module of this unique identifier address;
(4) user sends dispatch request according to the scheduler module address of above-mentioned steps (3) to this scheduler module, and sends the unique identifier of digital content and user's oneself identification identifier to it;
(5) after scheduler module is received dispatch request, user's identification identifier is sent to authentication module, authentication module is verified it, and will be verified that the result is recycled to scheduler module;
(6) scheduler module is checked and verified the result, if the result is not for passing through in checking, scheduler module refusing user's request then, if the result is for passing through in checking, then scheduler module is dispatched according to the unique identifier of the digital content that receives, and will be sent to client with the live module or the parent customer end address at digital content place after the corresponding encryption of the unique identifier of this digital content, preserve scheduling result simultaneously;
(7) client is initiated service request according to above-mentioned live module or parent customer end address to live module or parent customer end, unique identifier with User Identity symbol and digital content is sent to this live module or parent customer end simultaneously, to obtain digital content;
(8) live module or parent customer end are sent to scheduler module with the user's that receives the identification identifier and the unique identifier of digital content, the scheduling result comparison that scheduler module is preserved itself and above-mentioned steps (6), and the result of comparison is back to live module or parent customer end;
(9) comparison result received of live module or the inspection of parent customer end, if comparison result is not for passing through, the request of then live module or parent customer end refusal client, if comparison result is for passing through, then the unique identifier of the digital content that receives of basis provides digital content after the encryption to client;
(10) after client receives digital content after the encryption, search corresponding licence with this digital content, if no suitable licence, then the user initiates to sign and issue license request by client to the licensing module, selects to buy corresponding licence according to different situations;
(11) the licensing module is sent to authentication module with the User Identity symbol of receiving, authentication module is verified it, and will be verified that the result is recycled to the licensing module:
(12) the checking result that receives of licensing module check, if the result is not for passing through in checking, the then request of licensing module refusing user's, if the result is for passing through in checking, then identification identifier that sends over according to the user and user's demand are signed and issued licence, and licence original or the copy of signing and issuing is sent to client according to different situations, preserve this licence simultaneously;
(13) digital content after the encryption that reproduction is received according to user's actual needs under the right that client is permitted in licence.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100625752A CN100367700C (en) | 2004-07-02 | 2004-07-02 | Large scale digital live broadcast method based on digital right management |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100625752A CN100367700C (en) | 2004-07-02 | 2004-07-02 | Large scale digital live broadcast method based on digital right management |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1588849A CN1588849A (en) | 2005-03-02 |
CN100367700C true CN100367700C (en) | 2008-02-06 |
Family
ID=34603726
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2004100625752A Expired - Fee Related CN100367700C (en) | 2004-07-02 | 2004-07-02 | Large scale digital live broadcast method based on digital right management |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100367700C (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101582876A (en) * | 2008-05-12 | 2009-11-18 | 华为技术有限公司 | Method, device and system for registering user generated content (UGC) |
CN101729176B (en) * | 2008-10-22 | 2012-10-03 | 华为技术有限公司 | Method, system and device for synchronizing authentication information in broadcasting service |
CN101827108B (en) * | 2010-05-12 | 2012-10-10 | 清华大学 | Method for describing and acquiring right object of digital work in digital right management |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1335557A (en) * | 2000-07-03 | 2002-02-13 | 株式会社日立制作所 | Data display method and system |
WO2002035426A1 (en) * | 2000-10-25 | 2002-05-02 | Lightning Source, Inc. | Fulfilling a request for an electronic book |
WO2003045036A2 (en) * | 2001-11-15 | 2003-05-30 | General Instrument Corporation | Key management protocol and authentication system for secure content delivery over the internet |
-
2004
- 2004-07-02 CN CNB2004100625752A patent/CN100367700C/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1335557A (en) * | 2000-07-03 | 2002-02-13 | 株式会社日立制作所 | Data display method and system |
WO2002035426A1 (en) * | 2000-10-25 | 2002-05-02 | Lightning Source, Inc. | Fulfilling a request for an electronic book |
WO2003045036A2 (en) * | 2001-11-15 | 2003-05-30 | General Instrument Corporation | Key management protocol and authentication system for secure content delivery over the internet |
Also Published As
Publication number | Publication date |
---|---|
CN1588849A (en) | 2005-03-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101043319B (en) | Digital content protective system and method | |
CN1327373C (en) | Method of protecting and managing digital contents and system for using thereof | |
JP4750352B2 (en) | How to get a digital license for digital content | |
CN102057382B (en) | Temporary domain membership for content sharing | |
RU2352985C2 (en) | Method and device for authorisation of operations with content | |
CN100399225C (en) | Method for determining use permission of information and content distribution system using the method | |
CN100353273C (en) | Divided rights in authorized domain | |
US20040225884A1 (en) | Electronic signature system and method | |
US8359473B1 (en) | System and method for digital rights management using digital signatures | |
JP4548441B2 (en) | Content utilization system and content utilization method | |
WO2006109982A1 (en) | License data structure and license issuing method | |
JP2004046790A (en) | System for digital contents protection and management | |
CN1961270A (en) | License management in a privacy preserving information distribution system | |
CN1937495A (en) | Digital copyright protection method and system for media network application | |
JP4561146B2 (en) | Content distribution system, encryption apparatus, encryption method, information processing program, and storage medium | |
Zhang et al. | Using blockchain to protect personal privacy in the scenario of online taxi-hailing | |
CN101189633A (en) | Method and apparatus for authorizing rights issuers in a content distribution system | |
US20170024551A1 (en) | System, method and apparaturs for securely distributing content | |
CN103237010B (en) | The server end of digital content is cryptographically provided | |
KR20210037274A (en) | Apparatus and method for managing contents | |
CN112163191A (en) | Education resource sharing method and system based on national secret block chain | |
JP3956106B2 (en) | Computer apparatus and program | |
CN1371059A (en) | Data releasing system | |
CN101425112A (en) | Digital exequatur sending system and digital work decipher operation method | |
CN101501724A (en) | Rights management system for streamed multimedia content |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080206 Termination date: 20210702 |